Risk

• Design and implement a best-in-class third-party risk management framework, including vendor identification, evaluation and selection, risk assessment, risk decision, contracting and procurement, and reporting and record-keeping.
• Own the third-party lifecycle process, including onboarding, risk tiering, contract reviews, ongoing monitoring, and exit strategies.
• Partnering with ‘first line’ teams to provide guidance and oversight in the assessment of third parties, including new and existing third-party relationships, by embedding good risk practices and finding solutions to problems, identifying risks and recommending controls.
• Playing a key role in the management of third-party related risk incidents and issues that occur.
• Supporting the development and implementation of a third-party risk policy, standards, procedures, training materials, key risk indicators, key performance indicators and appetite statements.
• Conducting in-depth reviews of different areas of the business and reporting on third-party risk matters to oversight committees, internal stakeholders and external stakeholders.
• Analyze the business processes to evaluate the effectiveness of the relevant third-party controls.
• Lead and document due diligence processes (e.g., questionnaires, risk reviews).
• Promote development of educational guidance & resources.
• Ensure quality standards are achieved in development and maintenance of program documentation.
• Collaborate with legal and compliance teams to address regulatory requirements.
• Act as a liaison with regulatory bodies, auditors, and other external stakeholders regarding risk management practices and compliance matters.
• Identify, track, and escalate vendor-related incidents or issues; manage risk remediation plans.

Third Party Risk Manager

Senior Director, Risk – Corporate Insurance